CVSS Vector (NVD)
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Description (NVD)
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output files using their file paths before initiating the split operation. However, the utility subsequently opens the output file with truncation after this path-based validation is complete. A local attacker with write access to the directory can exploit this race window by manipulating mutable path components (e.g., swapping a path with a symbolic link). This can cause split to truncate and write to an unintended target file, potentially including the input file itself or other sensitive files accessible to the process, leading to permanent data loss.
Analysis (AI)
The split utility in uutils coreutils contains a time-of-check to time-of-use (TOCTOU) race condition. A local attacker with directory write access can manipulate symbolic links between the initial path validation and the truncating open of the output file, causing data loss in unintended target files, including the input file or other sensitive files. The CVSS score is 6.3 (local, high complexity, low privilege required). SSVC assesses the issue as non-exploitable in automated attacks, with partial technical impact, because exploitation requires manually winning the race window.
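The gap between the path-based check and the truncating open described above closes when identity is compared on open file descriptors and truncation is deferred until that comparison passes. The Rust code below is an added example, not code from uutils coreutils or its fix; `open_output_checked`, `demo` and the file names are hypothetical, and the scenario it builds is constructed.

```rust
use std::fs::{self, File, OpenOptions};
use std::io::{self, Error, ErrorKind};
use std::os::unix::fs::{symlink, MetadataExt};
use std::path::Path;

/// Hardened open (hypothetical helper, not the uutils API): identity is checked
/// on open descriptors, and truncation happens only after that check passes.
pub fn open_output_checked(input: &File, output: &Path) -> io::Result<File> {
    // Open without truncation, so nothing is destroyed whatever the path resolves to now.
    let out = OpenOptions::new().write(true).create(true).truncate(false).open(output)?;
    // File::metadata() is fstat(2) on the descriptor: it describes the object
    // actually opened, not whatever the path may point to a moment later.
    let (i, o) = (input.metadata()?, out.metadata()?);
    if i.dev() == o.dev() && i.ino() == o.ino() {
        return Err(Error::new(ErrorKind::InvalidInput, "output file is the input file"));
    }
    out.set_len(0)?; // ftruncate(2) on the descriptor that was just verified
    Ok(out)
}

/// Constructed scenario: the output path is a symlink to the input, the state a
/// path-based check misses when it appears after the check has run. Returns the
/// input's contents after the attempted open and whether the open was refused.
pub fn demo(dir: &Path) -> io::Result<(String, bool)> {
    fs::create_dir_all(dir)?;
    let (input_path, out_path) = (dir.join("input.txt"), dir.join("xaa"));
    let _ = fs::remove_file(&out_path); // clear leftovers from an earlier run
    fs::write(&input_path, "important data\n")?;
    symlink(&input_path, &out_path)?;
    let input = File::open(&input_path)?;
    let refused = open_output_checked(&input, &out_path).is_err();
    Ok((fs::read_to_string(&input_path)?, refused))
}

fn main() -> io::Result<()> {
    let dir = std::env::temp_dir().join(format!("split_toctou_demo_{}", std::process::id()));
    let (contents, refused) = demo(&dir)?;
    println!("refused={refused} input_intact={}", contents == "important data\n");
    fs::remove_dir_all(&dir)
}
```

This covers only the case where the output resolves to the input file; keeping the output from resolving to other files needs further measures, such as refusing symbolic links at open time.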
EUVD-2026-25024
GHSA-4wrp-79m8-9m9p